31 August 2017

Top 10 (ISC)² Webcasts of 2017

(ISC)² webcasts are a great source for insight into all areas of security. From the Internet of Things to malware and compliance, the topics vary. Here are the top 10 (ISC)² webcasts for 2017 so far as ranked by cybersecurity professionals:

Part 1: Future of SIEM - Why Static Correlation Fails Insider Threat Detection Hackers stealing credentials and operating in your corporate network…disgruntled employees collecting customer lists and design materials for a competitor...malware sending identity information back to random domains…these common threats have been with us for years and are only getting worse. Most organizations have invested large amounts in security intelligence, yet these solutions have fallen short. Simply put, security intelligence and management, in the form of legacy SIEM technologies, have failed to keep up with complex threats. Sponsored by Exabeam.

Visibility and Security - Two sides of the Same Coin You can’t secure what you can’t see and not knowing what’s on your network can be damaging. While security is about proactively detecting and mitigating threats before they cause damage, it is also about gaining deep visibility into today’s complex networks, which may include diverse platforms and architectures. A truly enterprise grade DNS, DHCP and IPAM (DDI) platform can provide that visibility because of where it sits in networks. On the downside, DNS is a top threat vector, but can be used as strategic control points to block malicious activity and data exfiltration. Sponsored by Infoblox.

Scaling Up Network Security: Shifting Control Back to the Defenders Network threats and data breaches continue to grow in number, sophistication and speed, overwhelming current defensive capabilities. Security teams, limited in staff, resources and time, suffer from diminished effectiveness and enterprise protection. To stay ahead, organizations must create an adaptive ecosystem of network defenses; much like the body leverages its immune system. A Defense Lifecycle Model speeds threat identification and mitigation by incorporating machine learning and artificial intelligence into these security processes. Sponsored by Gigamon.

GDPR - Now's the Time to Plan for Compliance The EU's new General Data Protection Regulation (GDPR) is around the corner, and it's time to prepare for it. The GDPR, specified in an 88-page document, can be confusing and tedious to put into practice. Understanding and complying is critically important, however, as non-compliance carries significant risk, with stipulated penalties exceeding $20M. This webcast will examine why the GDPR should be a priority – now; discuss the global and technological implications of GDPR, and review how technology can address some of the GDPR data security requirements. Sponsored by Imperva.

Cross Talk: How Network & Security Tools Can Communicate for Better Security Working in silos, while never a good idea, is a reality in many organizations today. Security and network operations teams have different priorities, processes and systems. Security teams use various controls and tools to mitigate different kinds of threats which provides them with thousands of alerts on a daily basis. They often find it difficult to prioritize the threats to address first. What they may not know is that there is a whole piece of the puzzle they could be missing – core network services like DNS, DHCP and IPAM. These can provide a wealth of information and context on threats, which can help prioritize response based on actual risk and ease compliance. Sponsored by Infoblox.

Future of SIEM - Remediate Malware & Spear Phishing w/Automated Playbooks It’s not uncommon for security teams to see upwards of 17,000 malware alerts per week and only investigate a third of them. Each incident detected requires investigation and eventually remediation before it can be laid to rest. Unfortunately, the security talent capable of performing these tasks is scarce, which leaves most security operations teams spread thin, a symptom of sparse coverage compounded by the drain of low fidelity security alerts and false positives. Sponsored by Exabeam.

CA Briefings Part 5 - Trends and Predictions 2016 was a blockbuster year for cybersecurity – from a hacker influenced national election to a landmark breach into the Internet of Things that caused the largest botnet attacks in history. What’s in store for 2017? Join CA Technologies’ Nick Nickols, Security CTO, as he examines what you can expect in 2017. In this webcast, Nick will discuss: key areas to focus your attention and investment – from access governance to threat analytics to IDaaS; the changing landscape of regulations and consumer behavior; technology transformations and new innovations that will influence the way you prepare for 2017. Sponsored by CA Technologies.

Briefing on Demand – Getting it Right – Security & the Internet of Things The Internet of Things (IoT) is the interconnection of uniquely identifiable embedded computing devices within an existing internet infrastructure. However, securing it can be difficult. Join Gemalto and (ISC)² for a discussion on the Internet of Things and how it will play a role in your future and what changes will be happening in security. Sponsored by Gemalto.

Building a Blueprint for an Insider Threat Program While infosecurity teams are playing defense against external threats, they cannot lose sight of the threat that insiders at their organization pose. Employees, contractors and business associates can all have accounts which provide them legitimate access to systems within the enterprise, but that access can carry significant risk. Detecting, monitoring and preventing such unauthorized access and exfiltration is critical. Building an insider threat program to manage such functions can help an organization get visibility into the problem and streamline these efforts. But where does an organization start when building such a program? What underpinnings need to be in place in order to have success with a program? Get the inside scoop on what it is really like to build and run these types of programs; what are insiders really doing and what are they stealing. Join Code42 and (ISC)² for a discussion on how to construct an effective insider threat program. Sponsored by Code42.

Reimagine Your Identity Strategy First offered at the RSA Conference this past February, RSA and (ISC)² offer our members an exclusive opportunity to hear from the identity and access assurance experts at RSA to learn what it takes to manage identity at the speed of business and deliver convenient and secure access. In this webcast, we'll examine how to deliver access to the modern workforce, addressing the identity risk factor and future-proofing your identity, and access management program. Sponsored by Sophos.

Comments

Top 10 (ISC)² Webcasts of 2017

(ISC)² webcasts are a great source for insight into all areas of security. From the Internet of Things to malware and compliance, the topics vary. Here are the top 10 (ISC)² webcasts for 2017 so far as ranked by cybersecurity professionals:

Part 1: Future of SIEM - Why Static Correlation Fails Insider Threat Detection Hackers stealing credentials and operating in your corporate network…disgruntled employees collecting customer lists and design materials for a competitor...malware sending identity information back to random domains…these common threats have been with us for years and are only getting worse. Most organizations have invested large amounts in security intelligence, yet these solutions have fallen short. Simply put, security intelligence and management, in the form of legacy SIEM technologies, have failed to keep up with complex threats. Sponsored by Exabeam.

Visibility and Security - Two sides of the Same Coin You can’t secure what you can’t see and not knowing what’s on your network can be damaging. While security is about proactively detecting and mitigating threats before they cause damage, it is also about gaining deep visibility into today’s complex networks, which may include diverse platforms and architectures. A truly enterprise grade DNS, DHCP and IPAM (DDI) platform can provide that visibility because of where it sits in networks. On the downside, DNS is a top threat vector, but can be used as strategic control points to block malicious activity and data exfiltration. Sponsored by Infoblox.

Scaling Up Network Security: Shifting Control Back to the Defenders Network threats and data breaches continue to grow in number, sophistication and speed, overwhelming current defensive capabilities. Security teams, limited in staff, resources and time, suffer from diminished effectiveness and enterprise protection. To stay ahead, organizations must create an adaptive ecosystem of network defenses; much like the body leverages its immune system. A Defense Lifecycle Model speeds threat identification and mitigation by incorporating machine learning and artificial intelligence into these security processes. Sponsored by Gigamon.

GDPR - Now's the Time to Plan for Compliance The EU's new General Data Protection Regulation (GDPR) is around the corner, and it's time to prepare for it. The GDPR, specified in an 88-page document, can be confusing and tedious to put into practice. Understanding and complying is critically important, however, as non-compliance carries significant risk, with stipulated penalties exceeding $20M. This webcast will examine why the GDPR should be a priority – now; discuss the global and technological implications of GDPR, and review how technology can address some of the GDPR data security requirements. Sponsored by Imperva.

Cross Talk: How Network & Security Tools Can Communicate for Better Security Working in silos, while never a good idea, is a reality in many organizations today. Security and network operations teams have different priorities, processes and systems. Security teams use various controls and tools to mitigate different kinds of threats which provides them with thousands of alerts on a daily basis. They often find it difficult to prioritize the threats to address first. What they may not know is that there is a whole piece of the puzzle they could be missing – core network services like DNS, DHCP and IPAM. These can provide a wealth of information and context on threats, which can help prioritize response based on actual risk and ease compliance. Sponsored by Infoblox.

Future of SIEM - Remediate Malware & Spear Phishing w/Automated Playbooks It’s not uncommon for security teams to see upwards of 17,000 malware alerts per week and only investigate a third of them. Each incident detected requires investigation and eventually remediation before it can be laid to rest. Unfortunately, the security talent capable of performing these tasks is scarce, which leaves most security operations teams spread thin, a symptom of sparse coverage compounded by the drain of low fidelity security alerts and false positives. Sponsored by Exabeam.

CA Briefings Part 5 - Trends and Predictions 2016 was a blockbuster year for cybersecurity – from a hacker influenced national election to a landmark breach into the Internet of Things that caused the largest botnet attacks in history. What’s in store for 2017? Join CA Technologies’ Nick Nickols, Security CTO, as he examines what you can expect in 2017. In this webcast, Nick will discuss: key areas to focus your attention and investment – from access governance to threat analytics to IDaaS; the changing landscape of regulations and consumer behavior; technology transformations and new innovations that will influence the way you prepare for 2017. Sponsored by CA Technologies.

Briefing on Demand – Getting it Right – Security & the Internet of Things The Internet of Things (IoT) is the interconnection of uniquely identifiable embedded computing devices within an existing internet infrastructure. However, securing it can be difficult. Join Gemalto and (ISC)² for a discussion on the Internet of Things and how it will play a role in your future and what changes will be happening in security. Sponsored by Gemalto.

Building a Blueprint for an Insider Threat Program While infosecurity teams are playing defense against external threats, they cannot lose sight of the threat that insiders at their organization pose. Employees, contractors and business associates can all have accounts which provide them legitimate access to systems within the enterprise, but that access can carry significant risk. Detecting, monitoring and preventing such unauthorized access and exfiltration is critical. Building an insider threat program to manage such functions can help an organization get visibility into the problem and streamline these efforts. But where does an organization start when building such a program? What underpinnings need to be in place in order to have success with a program? Get the inside scoop on what it is really like to build and run these types of programs; what are insiders really doing and what are they stealing. Join Code42 and (ISC)² for a discussion on how to construct an effective insider threat program. Sponsored by Code42.

Reimagine Your Identity Strategy First offered at the RSA Conference this past February, RSA and (ISC)² offer our members an exclusive opportunity to hear from the identity and access assurance experts at RSA to learn what it takes to manage identity at the speed of business and deliver convenient and secure access. In this webcast, we'll examine how to deliver access to the modern workforce, addressing the identity risk factor and future-proofing your identity, and access management program. Sponsored by Sophos.

About the (ISC)² Blog

As the certifying body for more than 125,000 cyber, information, software and infrastructure security professionals worldwide, (ISC)² believes in the importance of open dialogue and collaboration. (ISC)² established this blog to provide a voice to certified members, who have significant knowledge and valuable insights that can benefit other security professionals and the public at large.

The (ISC)² blog gives members a forum to exchange ideas and inspires a safe and secure cyber world by supporting the advancement of the information security workforce via a public exchange with a broad range of information security topics.

Whether an (ISC)² member chooses to participate in the (ISC)² blog is his or her own decision. The postings on this site are the author's own and don't necessarily represent (ISC)²'s positions, strategies or opinions. (ISC)² monitors the blog in accordance with the (ISC)² Blog Guidelines, but the bloggers are responsible for their own content – common sense and intelligence should prevail.

Other than links to the (ISC)² website, (ISC)² does not control or endorse any links to products or services provided in this blog and makes no warranty regarding the content on any other linked website.

Those who post comments to (ISC)² blogs should ensure their comments are focused on relevant topics that relate to the specific blog being discussed. (ISC)² reserves the right to remove any post or comment from this site. Should you find objectionable content in this blog, please notify us as soon as possible at blog@isc2.org